Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.
-
Upload
shirley-mcdowell -
Category
Documents
-
view
217 -
download
5
Transcript of Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.
![Page 1: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/1.jpg)
Naturally Rehearsing Passwords
Jeremiah BlockiASIACRYPT 2013
Manuel Blum Anupam Datta
![Page 2: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/2.jpg)
2
Memory Experiment 1Person Alan Turing
Action Kissing
Object Piranha
![Page 3: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/3.jpg)
Memory Experiment 2Person Bill GatesAction swallowing
Object bike
![Page 4: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/4.jpg)
4
Password Management Scheme
Competing Goals:Securit
y
Usabilit
y…
![Page 5: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/5.jpg)
5
A Challenging Problem
• Traditional Security Advice
Not too short
Use mix of lower/upper case letters
Change your passwords every 90 days
Use numbers and letters
Don’t use words/names
Use special symbols
Don’t Write it Down
Don’t Reuse Passwords
![Page 6: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/6.jpg)
6
Outline
• Introduction and Experiments
• Example Password Management Schemes
• Quantifying Usability
• Quantifying Security
• Our Password Management Scheme
![Page 7: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/7.jpg)
Example Password Management Schemes
• Scheme 1: Reuse Password• Pick four random words w1,w2,w3,w4
Account Amazon Ebay
Password w1w2w3w4 w1w2w3w4
• Scheme 2: Strong Random IndependentAccount Amazon Ebay
Password w1w2w3w4 x1x2x3x4
![Page 8: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/8.jpg)
Questions
• How can we evaluate password management strategies?– Quantify Usability– Quantify Security
• Can we design password management schemes which balance security and usability considerations?
![Page 9: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/9.jpg)
9
Outline• Introduction and Experiments
• Example Password Management Schemes
• Quantifying Usability– Human Memory– Rehearsal Requirement– Visitation Schedule
• Quantifying Security
• Our Password Management Scheme
![Page 10: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/10.jpg)
10
Human Memory is Semantic
• Memorize: nbccbsabc
• Memorize: tkqizrlwp
• 3 Chunks vs. 9 Chunks!
• Usability Goal: Minimize Number of Chunks
Source: The magical number seven, plus or minus two [Miller, 56]
![Page 11: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/11.jpg)
11
Human Memory is Associative
?
![Page 12: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/12.jpg)
12
Cues
• Cue: context when a memory is stored
• Surrounding Environment– Sounds– Visual Surroundings– Web Site– ….
• As time passes we forget some of this context…
![Page 13: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/13.jpg)
Human Memory is Lossy
• Rehearse or Forget!– How much work?
• Quantify Usability– Rehearsal Assumption
pamazon
pgoogle
????
13
![Page 14: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/14.jpg)
Quantifying Usability
• Human Memory is Lossy– Rehearse or Forget!– How much work does this take?
• Rehearsal Assumptions
• Visitation Schedule– Natural Rehearsal for frequently visited accounts
![Page 15: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/15.jpg)
Rehearsal Requirement
Expanding Rehearsal Assumption: user maintains cue-association pair by rehearsing during each interval [si, si+1].
Day: 1 2 4 5 8
Visit Amazon: Natural Rehearsal
Xt: extra rehearsals to maintain all passwords for t days.
15
![Page 16: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/16.jpg)
Rehearsal Requirement
Day: 1 2 4 5 8
Xt: extra rehearsals to maintain all passwords for t days.
Reuse Password
Independent Passwords
X8 0 2
![Page 17: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/17.jpg)
Poisson Process with parameter 𝞴
Cue shared by Amazon and Google+ 𝞴
Visitation Schedule
17
t1 t2 t2
![Page 18: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/18.jpg)
Visitation Schedule
User =1 (daily)
=1/3 (biweekly)
=1/7(weekly)
=1/31 (monthly)
=1/365 (annual)
Active 10 10 10 10 35Typical 5 10 10 10 40Occasional 2 10 20 20 23Infrequent 0 2 5 10 58
Number of accounts visited with frequency
Day: 2 4 5 8
Poisson Process with parameter Amazon Google
![Page 19: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/19.jpg)
19
Usability ResultsReuseStrong
Strong Random Independent
Active 0.023 420Typical 0.084 456.6Occasional 0.12 502.7Infrequent 1.2 564
E[X365]: Extra Rehearsals to maintain all passwords over the first year.
Usable Unusable
![Page 20: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/20.jpg)
20
Outline• Introduction and Experiments
• Example Password Management Schemes
• Quantifying Usability
• Quantifying Security– Background– Philosophy– Security Definition: Password Guessing Game
• Our Password Management Scheme
![Page 21: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/21.jpg)
21
Security (what could go wrong?)
Online Offline Phishing
Danger
Three Types of Attacks
![Page 22: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/22.jpg)
22
Online Attack
password
123456
123456
Guess Limit: k-strikes policy
![Page 23: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/23.jpg)
23
Offline Dictionary Attack
Username
jblocki
+
jblocki, 123456
SHA1(12345689d978034a3f6)=85e23cfe0021f584e3db87aa72630a9a2345c062
Hash
85e23cfe0021f584e3db87aa72630a9a2345c062
Salt
89d978034a3f6
![Page 24: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/24.jpg)
24
Plaintext Recovery Attack
PayPaul.compwd
pwd
![Page 25: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/25.jpg)
25
Snowball Effect
Source: CERT Incident Note IN-98.03: Password Cracking Activity
PayPaul.com+
pwd
pwd
![Page 26: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/26.jpg)
26
Our Security Approach
• Dangerous World Assumption– Not enough to defend against existing adversaries– Adversary can adapt after learning the user’s new
password management strategy
• Provide guarantees even when things go wrong– Offline attacks should fail with high probability– Limit damage of a successful phishing attack
![Page 27: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/27.jpg)
+
Password Guessing Game
PayPaul.com
q$1,000,000 guesses
p5
BCRYPT(p4)p5
p4
p3
p2
p1
![Page 28: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/28.jpg)
28
Password Guessing Game
• Adversary can compromise at most r sites (phishing).
• Adversary can execute offline attacks against at most h additional sites – Resource Constraints => at most q guesses
• Adversary wins if he can compromise any new sites.
pwd
BCRYPT(pwd)
![Page 29: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/29.jpg)
29
(q,,m,s,r,h)-Security
For any adversary Adv
r = # h = #
Offline Attack AccountsPhishing Attack Accounts
q = # offline guesses
m = # of accounts
s = # online guesses
![Page 30: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/30.jpg)
30
Example: (q,,m,3,1,1)-Security
PayPaul.com+q guessesr=1
h=1
![Page 31: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/31.jpg)
Security Results
(q$1,000,000,,m,3,r,h)-security
Attacks r= 1 r= 1 h=1
r=2
Reuse No No No No
Strong Random Independent
Yes Yes Yes YesUsable + Insecure
Unusable + Secure
![Page 32: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/32.jpg)
32
Outline
• Introduction and Experiments
• Example Password Management Schemes
• Quantifying Usability
• Quantifying Security
• Our Password Management Scheme
![Page 33: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/33.jpg)
Our Approach
Object: bike
Public Cue Private
Action: kicking
Object: penguin
![Page 34: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/34.jpg)
LoginPw
d
Kic+Pen + Tor+Lio + ...
…
Kis+pir
![Page 35: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/35.jpg)
LoginPw
d
Kic+Pen + ….
…
Swa+bik
![Page 36: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/36.jpg)
Sharing Cues
• Usability Advantages– Fewer stories to remember!– More Natural Rehearsals!
• Security?
Day: 1 2 4 5 8
36
![Page 37: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/37.jpg)
(n,l,)-Sharing Set Family
Definition: A (n,l,)-Sharing Set Family of size m is a family of sets {S1,…,Sm} with the following properties
n𝜸
n
𝑺𝒊
𝑺 𝒋
𝒍𝒍
![Page 38: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/38.jpg)
(n,l,)-Sharing Set Family
m – number of passwords {S1,…,Sm}.
n – total #PAO storiesl – #PAO stories for each site– max intersection – PAO stories for account i.
n𝜸
n
𝒍𝑺𝒊
𝑺 𝒋
𝒍
![Page 39: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/39.jpg)
Security Results
(q$1,000,000,,m,3,r,h)-security
Attacks r= 1 r= 1 h=1
r=2
(n,4,4)-Sharing[Reuse]
No No No No
(n,4,0)-Sharing[Independent]
Yes Yes Yes Yes
(n,4,1)-Sharing[SC-1]
Yes Yes Yes No
(n,4,3)-Sharing[SC-0]
Yes No Yes No
![Page 40: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/40.jpg)
40
Sharing Cues
Thm: There is a (43,4,1)-Sharing Set Family of size m=90, and a (9,4,3)-Sharing Set Family of size 126
• Proof? – Chinese Remainder Theorem!– Notice that 43 = 9+10+11+13 where 9, 10, 11, 13 are
pair wise coprime.– Ai uses cues: {i mod 9, i mod 10, i mod 11, i mod 13}
![Page 41: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/41.jpg)
Chinese Remainder Theorem
By the Chinese Remainder Theorem there is a unique number x s.t
1) 2) 3)
Hence, for accounts Ai and Aj cannot use the same red cue and blue cue.
![Page 42: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/42.jpg)
42
Usability ResultsReuse Strong Random
IndependentSC-1 SC-0
Active 0 420 3.93 0Typical 0 456.6 10.89 0Occasional 0 502.7 22.07 0Infrequent 1.2 564 119.77 2.44
E[X365]: Extra Rehearsals to maintain all passwords over the first year.
![Page 43: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/43.jpg)
Security Results
(q$1,000,000,,m,3,r,h)-security
Attacks r= 1 r= 1 h=1
r=2
(n,4,4)-Sharing[Reuse]
No No No No
(n,4,0)-Sharing[Independent]
Yes Yes Yes Yes
(n,4,1)-Sharing[SC-1]
Yes Yes Yes No
(n,4,3)-Sharing[SC-0]
Yes No Yes No
Usable + Insecure
Unusable + Secure
Usable + Secure
Usable + Secure
![Page 45: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/45.jpg)
Backup Slides
![Page 46: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/46.jpg)
User Study
• Validity of Expanding Rehearsal Assumption
• Mnemonic Devices and Rehearsal Schedules
• Collaborate with CyLab Usable Privacy and Security group (CUPS)
![Page 47: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/47.jpg)
User Study Protocol
• Memorization Phase (5 minutes):– Participants asked to memorize four randomly selected
person-action object stories.
• Rehearsal Phase (90 days):– Participants periodically asked to return and rehearse
their stories (following rehearsal schedule)
![Page 48: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/48.jpg)
Password Managers?
![Page 49: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/49.jpg)
Limited Protection
![Page 50: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/50.jpg)
Limited Protection
![Page 51: Naturally Rehearsing Passwords Jeremiah Blocki ASIACRYPT 2013 Manuel Blum Anupam Datta.](https://reader031.fdocuments.in/reader031/viewer/2022032517/56649c905503460f9494967f/html5/thumbnails/51.jpg)